Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Hp\-Ux
(Hp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 292 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2000-06-02 | CVE-2000-0468 | man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | Hp\-Ux | N/A | ||
| 2000-06-07 | CVE-2000-0515 | The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges. | Hp\-Ux | N/A | ||
| 2004-09-16 | CVE-2004-0809 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. | Http_server, Debian_linux, Linux, Hp\-Ux, Secure_web_server_for_tru64, Mandrake_linux, Enterprise_linux, Enterprise_linux_desktop, Secure_linux, Turbolinux_desktop, Turbolinux_home, Turbolinux_server | N/A | ||
| 2016-07-19 | CVE-2016-2775 | ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service (daemon crash) via a long request that uses the lightweight resolver protocol. | Fedora, Hp\-Ux, Bind, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 5.9 | ||
| 2023-06-16 | CVE-2023-30903 | HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6. | Hp\-Ux | 5.5 | ||
| 2015-05-21 | CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue. | Iphone_os, Mac_os_x, Safari, Ubuntu_linux, Debian_linux, Chrome, Hp\-Ux, Content_manager, Internet_explorer, Firefox, Firefox_esr, Firefox_os, Network_security_services, Seamonkey, Thunderbird, Openssl, Opera_browser, Jdk, Jre, Jrockit, Sparc\-Opl_service_processor, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 3.7 | ||
| 1997-08-01 | CVE-1999-0524 | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | Mac_os_x, Macos, Ios, Hp\-Ux, Tru64, Aix, Os2, Linux_kernel, Windows, Netware, Solaris, Sco_unix, Irix, Bsdos | N/A | ||
| 2007-10-18 | CVE-2007-5536 | Unspecified vulnerability in OpenSSL before A.00.09.07l on HP-UX B.11.11, B.11.23, and B.11.31 allows local users to cause a denial of service via unspecified vectors. | Hp\-Ux | N/A | ||
| 1993-01-13 | CVE-1999-0312 | HP ypbind allows attackers with root privileges to modify NIS data. | Hp\-Ux | N/A | ||
| 1996-04-18 | CVE-1999-0078 | pcnfsd (aka rpc.pcnfsd) allows local users to change file permissions, or execute arbitrary commands through arguments in the RPC call. | Bsd_os, Freebsd, Hp\-Ux, Aix, Mp\-Ras, Up\-Ux_v, Nextstep, Openserver, Unixware, Irix, Sunos | N/A |